From mboxrd@z Thu Jan 1 00:00:00 1970 From: Syunsuke HAYASHI Subject: Re: [XSM:ACM] When cw is used, dom0 reboots. Date: Wed, 26 Sep 2007 11:12:41 +0900 Message-ID: <46F9C019.8030003@jp.fujitsu.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: xen-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org Hi, Stefan. I am trying XSM/ACM on CS 15880. It is big information that XSM/ACM works fine on CS15661. Thank you. Then, is my setting only bad? Please teach your setting. (Config.mk, xm-config.xml,xend-config.sxp,guest.conf,.....etc) The setting to use XSM/ACM is as follows. 1:Config.mk(Setting when installing xen) 81 # Enable XSM security module. Enabling XSM requires selection of an 82 # XSM security module (FLASK_ENABLE or ACM_SECURITY). 83 XSM_ENABLE ?= y <---- I wrote like this. ~~~~ 84 FLASK_ENABLE ?= n 85 ACM_SECURITY ?= y <---- I wrote like this. ~~~~ 86 87 # Optional components 88 XENSTAT_XENTOP ?= y 89 VTPM_TOOLS ?= n 90 LIBXENAPI_BINDINGS ?= n 91 XENFB_TOOLS ?= n 92 PYTHON_TOOLS ?= y 2:xend-config-xenapi.sxp 54 # Default: 55 # (xen-api-server ((unix))) 56 (xen-api-server ((9363 none))) <---- I wrote like this. 3:xm-config.xml 43 47 48 49 50 Syunsuke HAYASHI. > > Hello! > > Which changeset of Xen are you trying this on? I just tried this on a > version before XSM was added and it worked fine (CS 15661). > > Stefan > > > > xen-devel-bounces@lists.xensource.com wrote on 09/24/2007 11:02:11 PM: > > > Hi , > > > > When cw is used, dom0 reboots. > > Though I set quest memory size. > > > > I want to study into the cause. > > Please teach how to examine it. > > > > > > > > > > #xm create vm1.conf <-- OK > > #xm create vm4.conf <-- NO > > ................... <-- system boot > > > > #last > > root pts/1 myPC Tue Sep 25 11:25 - crash (09:01) > > reboot system boot 2.6.18-xen Tue Sep 25 20:06 (-8:-16) > > ~~~~~~~~~~~ > > > > > > ---------------about my setting-------------------- > > Xen-api is effective. > > > > > > #cat vm1.conf > > kernel = "/boot/vmlinuz-2.6.18-xen" > > ramdisk = "/boot/initrd-2.6.18-xenU.img" > > memory = "128" > > ~~~~ > > name = "vm1" > > disk = [ 'file:/xen/vm1.img,sda1,w' ] > > vif = [ '' ] > > root = "/dev/sda1 ro" > > on_xend_stop = "suspend" > > extra = "3 xencons=tty" > > access_control = ['policy=example.client_v1,label=dom_HomeBanking'] > > > > #cat vm4.conf > > kernel = "/boot/vmlinuz-2.6.18-xen" > > ramdisk = "/boot/initrd-2.6.18-xenU.img" > > memory = "128" > > ~~~~~ > > name = "vm4" > > disk = [ 'file:/xen/vm4.img,sda1,w'] > > vif = [ '' ] > > root = "/dev/sda1 ro" > > on_xend_stop = "suspend" > > extra = "3" > > access_control = ['policy=example.client_v1,label=dom_Fun'] > > > > > > #xm dumppolicy > > Policy dump: > > ============ > > POLICY REFERENCE = example.client_v1. > > PolicyVer = 0. > > XML Vers. = 1.0 > > Magic = 1debc. > > Len = 198. > > Primary = CHINESE WALL (c=1, off=40). > > Secondary = SIMPLE TYPE ENFORCEMENT (c=2, off=b8). > > > > > > Chinese Wall policy: > > ==================== > > Policy version= 0. > > Max Types = 4. > > Max Ssidrefs = 7. > > Max ConfSets = 1. > > Ssidrefs Off = 24. > > Conflicts Off = 5c. > > Runing T. Off = 64. > > C. Agg. Off = 6c. > > > > SSID To CHWALL-Type matrix: > > > > ssidref 0: 00 00 00 00 > > ssidref 1: 00 00 00 01 <-- Domain-0 > > ssidref 2: 00 01 00 00 > > ssidref 3: 01 00 00 00 > > ssidref 4: 00 00 01 00 > > ssidref 5: 00 00 00 01 > > ssidref 6: 00 00 00 01 > > > > Confict Sets: > > > > c-set 0: 01 00 01 00 > > > > Running > > Types: 00 00 00 01 > > > > Conflict > > Aggregate Set: 00 00 00 00 > > > > > > Simple Type Enforcement policy: > > =============================== > > Policy version= 0. > > Max Types = 6. > > Max Ssidrefs = 11. > > Ssidrefs Off = 14. > > > > SSID To STE-Type matrix: > > > > ssidref 0: 00 00 00 00 00 00 > > ssidref 1: 01 01 01 01 01 01 <-- Domain-0 > > ssidref 2: 01 00 00 00 00 00 > > ssidref 3: 00 01 00 00 00 00 > > ssidref 4: 00 00 00 00 01 00 > > ssidref 5: 01 01 01 00 01 00 > > ssidref 6: 00 01 00 01 01 00 > > ssidref 7: 00 00 01 00 00 00 > > ssidref 8: 00 00 00 00 00 01 > > ssidref 9: 00 00 00 01 00 00 > > ssidref a: 00 00 00 00 01 00 > > ssidref b: 00 01 00 00 00 00 > > ssidref c: 00 00 00 00 01 00 > > ssidref d: 00 00 00 00 01 00 > > ssidref e: 00 01 00 00 00 00 > > ssidref f: 00 00 00 00 00 01 > > ssidref10: 00 00 00 00 01 00 > > > > Thanks, > > > > Syunsuke Hayashi. > > > > > > _______________________________________________ > > Xen-devel mailing list > > Xen-devel@lists.xensource.com > > http://lists.xensource.com/xen-devel > > > ------------------------------------------------------------------------ > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xensource.com > http://lists.xensource.com/xen-devel